Het is nu do jul 24, 2014 6:53 pm

Forumoverzicht » RSIT/DDS/HijackThis logfiles » Opgeloste RSIT/DDS/HijackThis logfiles




Dit onderwerp is gesloten, je kunt geen berichten wijzigen of nieuwe antwoorden plaatsen  [ 20 berichten ]  Ga naar pagina 1, 2  Volgende
Auteur Bericht
BerichtGeplaatst: za feb 12, 2011 3:18 pm 
Offline
Lid

Geregistreerd: za feb 12, 2011 2:17 pm
Berichten: 10
Besturingssysteem: windows 7
Bescherming: telenet security pack
Mijn probleem doet zich voor als ik een cd heb ingestoken en naar mijn computer ga dan loopt hij vast.
Ik heb al vanalles gedaan maar niets helpt. hier zijn mijn logjes.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Databaseversie: 5747

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

12/02/2011 13:29:17
mbam-log-2011-02-12 (13-29-17).txt

Scantype: Snelle scan
Objecten gescand: 167970
Verstreken tijd: 3 minuut/minuten, 0 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

gmer logje

GMER 1.0.15.15530 - http://www.gmer.net
Rootkit scan 2011-02-12 14:16:02
Windows 6.1.7600
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0c6076d49816
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313f6dd43
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBD 0x32 0x69 0x72 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0c6076d49816 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313f6dd43 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xBD 0x32 0x69 0x72 ...

---- EOF - GMER 1.0.15 ----

dds

DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by danny at 14:07:27,64 on za 12/02/2011
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.4014.2055 [GMT 1:00]

AV: Telenet Security Pack 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Telenet Security Pack 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Telenet Security Pack 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\FSGK32.EXE
C:\Program Files (x86)\Telenet Security Pack\Common\FSMA32.EXE
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\Telenet Security Pack\Common\FSHDLL32.EXE
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Care\VCSpt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files (x86)\Telenet Security Pack\Common\FSHDLL64.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe
C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Telenet Security Pack\FWES\Program\fsdfwd.exe
C:\Program Files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fssm32.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fsav32.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
C:\Program Files (x86)\dan hijack\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Users\danny\Downloads\gmer\gmer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\danny\Downloads\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=eu01
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain ... &bmod=EU01
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [F-Secure Manager] "C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "C:\Program Files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
mRun: [CPMonitor] "C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
LSP: C:\Program Files (x86)\Telenet Security Pack\FSPS\program\FSLSP.DLL
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: VESWinlogon - VESWinlogon.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{32099AAC-C132-4136-9E9A-4E364A424E17}
mRun-x64: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [Apoint] %ProgramFiles%\Apoint\Apoint.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
mRun-x64: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
mRun-x64: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-8-8 55856]
R0 Sahdad64;HDD Filter Driver;C:\Windows\System32\drivers\Sahdad64.sys [2010-12-21 27120]
R0 Saibad64;Volume Filter Driver;C:\Windows\System32\drivers\Saibad64.sys [2010-12-21 19952]
R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\Telenet Security Pack\HIPS\drivers\fshs.sys [2010-8-10 57920]
R1 FSES;F-Secure Email Scanning Driver;C:\Windows\System32\drivers\fses.sys [2010-8-10 45624]
R1 FSFW;F-Secure Firewall Driver;C:\Windows\System32\drivers\fsdfw.sys [2010-8-10 94280]
R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2010-8-10 14904]
R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\System32\drivers\SaibVdAd64.sys [2010-12-21 27632]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2009-6-2 457200]
R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2010-7-14 32240]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe [2010-8-10 215648]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-2-12 363344]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2010-8-8 14112]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2009-11-23 93696]
R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2009-11-23 75776]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-8-8 104960]
R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-9-14 642416]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-2-19 529776]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-2-19 386416]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-9-15 845312]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2010-8-8 19968]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2009-11-23 52264]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2009-11-23 35104]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2010-8-10 194728]
R3 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe [2010-8-10 63992]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-11-23 151040]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-2-12 24152]
R3 NETw5s64;Intel(R) Wireless WiFi Link adapter stuurprogramma onder Windows 7 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-11-12 155752]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2009-11-23 11392]
R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-8-8 571248]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2010-8-8 1223024]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-14 17920]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-11-23 393216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-12 135664]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2010-7-16 354288]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-24 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840]
S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2010-7-16 1099248]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-2-19 115568]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-8 1255736]
S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\win2k\fsfilter.sys [2010-8-10 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\win2k\fsrec.sys [2010-8-10 25184]
S4 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-9-29 257936]

=============== Created Last 30 ================

2011-02-12 12:09:04 388096 ----a-r- C:\Users\danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-02-12 12:09:04 -------- d-----w- C:\Program Files (x86)\dan hijack
2011-02-12 11:50:26 -------- d-s---w- C:\ComboFix
2011-02-12 10:45:25 98816 ----a-w- C:\Windows\sed.exe
2011-02-12 10:45:25 89088 ----a-w- C:\Windows\MBR.exe
2011-02-12 10:45:25 256512 ----a-w- C:\Windows\PEV.exe
2011-02-12 10:45:25 161792 ----a-w- C:\Windows\SWREG.exe
2011-02-12 08:34:13 -------- d-----w- C:\Users\danny\AppData\Roaming\Malwarebytes
2011-02-12 08:34:00 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-12 08:33:58 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-02-12 08:33:54 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-02-12 08:33:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-02-11 06:21:19 7844688 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{67D0D0B9-353C-4166-968E-D611B76C59DB}\mpengine.dll
2011-02-09 06:31:59 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-02-09 06:31:58 3957120 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-02-09 06:31:54 366080 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-09 06:31:54 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-02-09 06:31:53 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-09 06:31:53 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-30 15:25:31 -------- d-----w- C:\Users\danny\AppData\Local\Microsoft Games
2011-01-30 13:57:00 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-01-22 20:48:48 -------- d-----w- C:\Users\danny\AppData\Roaming\Ubisoft
2011-01-22 20:23:54 91568 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2011-01-22 20:23:54 -------- d-----w- C:\Program Files (x86)\PowerISO
2011-01-22 19:13:59 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes
2011-01-19 09:58:41 -------- d-----w- C:\Users\danny\Tracing
2011-01-13 21:03:10 -------- d-----w- C:\Program Files (x86)\DAEMON Tools Toolbar
2011-01-13 21:00:04 -------- d-----w- C:\Users\danny\AppData\Roaming\DAEMON Tools Pro
2011-01-13 21:00:04 -------- d-----w- C:\PROGRA~3\DAEMON Tools Pro

==================== Find3M ====================

2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys
2010-12-21 06:16:27 97280 ----a-w- C:\Windows\System32\wscsvc.dll
2010-12-21 06:16:27 62976 ----a-w- C:\Windows\System32\wscapi.dll
2010-12-21 06:16:16 214016 ----a-w- C:\Windows\System32\winsrv.dll
2010-12-21 06:16:14 442880 ----a-w- C:\Windows\System32\winhttp.dll
2010-12-21 06:16:14 1197056 ----a-w- C:\Windows\System32\wininet.dll
2010-12-21 06:16:09 258048 ----a-w- C:\Windows\System32\WebClnt.dll
2010-12-21 06:15:55 264192 ----a-w- C:\Windows\System32\upnp.dll
2010-12-21 06:15:31 15360 ----a-w- C:\Windows\System32\slwga.dll
2010-12-21 06:13:03 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2010-12-21 06:13:03 1880576 ----a-w- C:\Windows\System32\msxml3.dll
2010-12-21 06:10:22 100864 ----a-w- C:\Windows\System32\davclnt.dll
2010-12-21 05:38:24 51200 ----a-w- C:\Windows\SysWow64\wscapi.dll
2010-12-21 05:38:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-12-21 05:38:22 350720 ----a-w- C:\Windows\SysWow64\winhttp.dll
2010-12-21 05:38:21 204800 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2010-12-21 05:38:19 204288 ----a-w- C:\Windows\SysWow64\upnp.dll
2010-12-21 05:38:16 14336 ----a-w- C:\Windows\SysWow64\slwga.dll
2010-12-21 05:36:17 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2010-12-21 05:36:16 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2010-12-21 05:34:12 80384 ----a-w- C:\Windows\SysWow64\davclnt.dll
2010-12-18 06:11:41 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-12-18 06:11:34 714752 ----a-w- C:\Windows\System32\kerberos.dll
2010-12-18 05:29:40 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-12-18 05:29:31 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2010-12-18 04:55:03 482816 ----a-w- C:\Windows\System32\html.iec
2010-12-18 04:20:55 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-12-18 04:13:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-12-18 03:47:59 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-12-17 06:47:11 94280 ----a-w- C:\Windows\System32\drivers\fsdfw.sys
2010-12-17 06:46:32 45624 ----a-w- C:\Windows\System32\drivers\fses.sys

============= FINISH: 14:07:57,95 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/08/2010 18:25:18
System Uptime: 12/02/2011 12:52:51 (2 hours ago)

Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz | N/A | 2400/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 456 GiB total, 139,577 GiB free.
D: is Removable
E: is CDROM ()
F: is Removable
G: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP165: 3/02/2011 15:44:17 - Gepland controlepunt
RP166: 4/02/2011 7:15:06 - Windows Update
RP167: 8/02/2011 7:07:14 - Windows Update
RP168: 9/02/2011 8:05:45 - Windows Update
RP169: 11/02/2011 7:20:21 - Windows Update
RP170: 12/02/2011 13:00:46 - Installed HiJackThis
RP171: 12/02/2011 13:08:26 - Installed HiJackThis

==== Installed Programs ======================


Activision(R)
Addiction Pinball
Adobe AIR
Adobe Community Help
Adobe Flash Player 10 ActiveX
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader 9.4.2 - Nederlands
Adobe Shockwave Player 11.5
Apple Application Support
Apple Software Update
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 3
Assassin's Creed II
µTorrent
Blur(TM)
Call of Duty: Black Ops
Compatibiliteitspakket voor het 2007 Microsoft Office system
Corel WinDVD
Counter-Strike: Source
Counter-Strike: Source Beta
D3DX10
Evernote
F-Secure PSC Prerequisites


Omhoog
 Profiel  
 
BerichtGeplaatst: za feb 12, 2011 8:35 pm 
Offline
Helper
Avatar gebruiker

Geregistreerd: wo aug 05, 2009 1:51 pm
Berichten: 3534
Besturingssysteem: Windows 7
Bescherming: .
Hoi,

Ik zie dat je ComboFix ook hebt laten lopen. Zou je het logje willen posten op het forum?
Te vinden als C:\ComboFix.tx

Woudje100

_________________
AfbeeldingAvira AntiVir zonder reclame

Goed geholpen ? Overweeg dan een vrijblijvende donatie.. Bedankjes i.p.v. Donatie kan ook. :)


Omhoog
 Profiel  
 
BerichtGeplaatst: zo feb 13, 2011 11:00 am 
Offline
Lid

Geregistreerd: za feb 12, 2011 2:17 pm
Berichten: 10
Besturingssysteem: windows 7
Bescherming: telenet security pack
Ik heb combofix willen laten lopen maar tijdens het scannen geeft hij een fout.
windows opdrachtprocessor werkt niet meer


Omhoog
 Profiel  
 
BerichtGeplaatst: zo feb 13, 2011 12:49 pm 
Offline
Helper
Avatar gebruiker

Geregistreerd: wo aug 05, 2009 1:51 pm
Berichten: 3534
Besturingssysteem: Windows 7
Bescherming: .
Hoi,

We gaan eerst een Bitdefender online scan uitvoeren.

Internet Explorer
Let op!!! Windows Vista & 7 gebruikers dienen Internet Explorer als administrator uit te voeren "Rechtermuisknop uitvoeren als administrator",
Ga naar de site : http://www.bitdefender.com/scanner/online/free.html
  • Klik op de knop "Start Scanner"
  • Vink de optie "I agree with the Terms and Conditions" aan en klik op "Start here"
  • Als er gevraagd wordt om de invoeg toepassing te installeren dan sta je dit toe.
    • Afbeelding
  • Als er een melding komt van UAC (Gebruikersaccountbeheer) klikt u op "Ja"
  • Klik nu op "Start scan" en doe verder niets op de PC.
  • Klik als de scan gereed is op "Click here to view report"
  • Selecteer de inhoud hiervan en kopieer dit in uw volgende bericht.

Firefox
Ga naar de site : http://www.bitdefender.com/scanner/online/free.html
  • Klik op de knop "Start Scanner"
  • Klik nu op de knop "Free scan now"
  • Klik op "toestaan" als er gevraagd wordt om de extensie van BitDefender te installeren.
  • Laat hierna Firefox "herstarten" sluit hierna het venster "add-ons"
  • Klik nu nogmaals op "Free scan now" en doe verder niets op de PC.
  • Indien de scan gereed is klikt op "View report"
  • Er wordt nu een kladblok bestand geopend, plaats de inhoud hiervan in uw volgende bericht.

Woudje100

_________________
AfbeeldingAvira AntiVir zonder reclame

Goed geholpen ? Overweeg dan een vrijblijvende donatie.. Bedankjes i.p.v. Donatie kan ook. :)


Omhoog
 Profiel  
 
BerichtGeplaatst: zo feb 13, 2011 7:10 pm 
Offline
Lid

Geregistreerd: za feb 12, 2011 2:17 pm
Berichten: 10
Besturingssysteem: windows 7
Bescherming: telenet security pack
BitDefender Online Scanner

Scan report generated at: Sun, Feb 13, 2011 - 14:04:37

Scan path: C:\;D:\;E:\;F:\;G:\;

Statistics
Time
01:56:24
Files
608439
Folders
52992
Boot Sectors
0
Archives
14099
Packed Files
30391

Results
identified Viruses
2
Infected Files
4
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
1
Engines Info
Virus Definitions
6673011
Engine build
AVCORE v2.1 Windows/i386 11.0.0.42 (Oct 18 2010)
Scan plugins
18
Archive plugins
44
Unpack plugins
10
E-mail plugins
6
System plugins
4
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions

Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Users\danny\games\Avatar the game\avatar-keygen\keygen.exe
Infected with: Gen:Trojan.Heur.FU.SGW@ay4LV3li
C:\Users\danny\games\Avatar the game\avatar-keygen\keygen.exe
Deleted
C:\Users\danny\games\Avatar the game\avatar-keygen.rar=>keygen.exe
Infected with: Gen:Trojan.Heur.FU.SGW@ay4LV3li
C:\Users\danny\games\Avatar the game\avatar-keygen.rar=>keygen.exe
Disinfection failed
C:\Users\danny\games\Avatar the game\avatar-keygen.rar=>keygen.exe
Delete failed
C:\Users\danny\games\Avatar the game\rld-avtr.iso=>Crack/keygen.exe
Infected with: Gen:Trojan.Heur.FU.SGW@ay4LV3li
C:\Users\danny\games\Avatar the game\rld-avtr.iso=>Crack/keygen.exe
Disinfection failed
C:\Users\danny\games\Avatar the game\rld-avtr.iso=>Crack/keygen.exe
Delete failed
C:\Users\danny\games\RCT3\RCT3.S&W.-.mdQ\Roller Coaster Tycoon 3 - Soaked!.iso=>HOODLUM/hlm-intro.exe
Infected with: Trojan.Generic.1235904
C:\Users\danny\games\RCT3\RCT3.S&W.-.mdQ\Roller Coaster Tycoon 3 - Soaked!.iso=>HOODLUM/hlm-intro.exe
Disinfection failed
C:\Users\danny\games\RCT3\RCT3.S&W.-.mdQ\Roller Coaster Tycoon 3 - Soaked!.iso=>HOODLUM/hlm-intro.exe
Delete failed


Omhoog
 Profiel  
 
BerichtGeplaatst: zo feb 13, 2011 7:52 pm 
Offline
Helper
Avatar gebruiker

Geregistreerd: wo aug 05, 2009 1:51 pm
Berichten: 3534
Besturingssysteem: Windows 7
Bescherming: .
Hoi,

Download ComboFix van één van deze locaties:

Link 1
Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.

>>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.

* (hier of hier staat een handleiding over hoe je deze kan uitschakelen:)

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
3. Dubbelklik op "Combofix.exe" om de tool te starten.
4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

* Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion." herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

_________________
AfbeeldingAvira AntiVir zonder reclame

Goed geholpen ? Overweeg dan een vrijblijvende donatie.. Bedankjes i.p.v. Donatie kan ook. :)


Omhoog
 Profiel  
 
BerichtGeplaatst: ma feb 14, 2011 7:24 pm 
Offline
Lid

Geregistreerd: za feb 12, 2011 2:17 pm
Berichten: 10
Besturingssysteem: windows 7
Bescherming: telenet security pack
ComboFix 11-02-13.04 - danny 14/02/2011 18:07:19.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.4014.2424 [GMT 1:00]
Gestart vanuit: c:\users\danny\Desktop\ComboFix.exe
AV: Telenet Security Pack 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: Telenet Security Pack 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: Telenet Security Pack 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Install.exe
c:\programdata\Desktop
c:\users\danny\AppData\Roaming\.#

.
(((((((((((((((((((( Bestanden Gemaakt van 2011-01-14 to 2011-02-14 ))))))))))))))))))))))))))))))
.

2011-02-14 17:14 . 2011-02-14 17:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-02-13 20:00 . 2011-02-13 20:00 -------- d-----w- c:\users\danny\AppData\Local\Apple
2011-02-13 11:05 . 2011-02-13 13:04 -------- d-----w- c:\windows\BDOSCAN8
2011-02-13 00:45 . 2011-02-13 00:45 -------- d-----w- c:\users\danny\AppData\Local\Adobe
2011-02-12 12:09 . 2011-02-12 12:09 388096 ----a-r- c:\users\danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-02-12 12:09 . 2011-02-12 12:09 -------- d-----w- c:\program files (x86)\dan hijack
2011-02-12 08:34 . 2011-02-12 08:34 -------- d-----w- c:\users\danny\AppData\Roaming\Malwarebytes
2011-02-12 08:34 . 2010-12-20 17:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-12 08:33 . 2011-02-12 08:33 -------- d-----w- c:\programdata\Malwarebytes
2011-02-12 08:33 . 2011-02-12 08:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-02-12 08:33 . 2010-12-20 17:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-02-11 06:21 . 2011-01-13 10:20 7844688 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{67D0D0B9-353C-4166-968E-D611B76C59DB}\mpengine.dll
2011-02-09 06:31 . 2010-10-27 04:43 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-02-09 06:31 . 2010-10-27 04:43 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-02-09 06:31 . 2011-01-07 05:49 366080 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 06:31 . 2011-01-07 05:33 294400 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-02-09 06:31 . 2011-01-07 08:06 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-02-09 06:31 . 2011-01-07 07:27 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-30 15:25 . 2011-01-30 15:25 -------- d-----w- c:\users\danny\AppData\Local\Microsoft Games
2011-01-30 13:57 . 2011-01-30 13:57 103864 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-01-22 20:48 . 2011-01-22 20:48 -------- d-----w- c:\users\danny\AppData\Roaming\Ubisoft
2011-01-22 20:48 . 2011-01-22 20:48 -------- d-----w- c:\programdata\Ubisoft
2011-01-22 20:23 . 2011-01-22 20:23 -------- d-----w- c:\program files (x86)\PowerISO
2011-01-22 20:23 . 2010-04-12 08:55 91568 ----a-w- c:\windows\system32\drivers\scdemu.sys
2011-01-22 19:13 . 2011-01-22 19:13 -------- d-----w- c:\program files (x86)\Elaborate Bytes
2011-01-19 09:58 . 2011-01-19 09:58 -------- d-----w- c:\users\danny\Tracing

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-21 13:50 . 2010-12-21 13:50 53248 ----a-r- c:\users\danny\AppData\Roaming\Microsoft\Installer\{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}\ARPPRODUCTICON.exe
2010-12-17 06:47 . 2010-08-10 19:53 94280 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2010-12-17 06:46 . 2010-08-10 19:53 45624 ----a-w- c:\windows\system32\drivers\fses.sys
2010-12-15 14:20 . 2010-08-08 18:54 42664 ----a-w- c:\windows\SysWow64\drivers\fsbts.sys
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-17 538472]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-01-21 597792]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-08-08 26624]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"F-Secure Manager"="c:\program files (x86)\Telenet Security Pack\Common\FSM32.EXE" [2009-08-05 199264]
"F-Secure TNB"="c:\program files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" [2009-08-05 2349664]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-11-17 421160]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe" [2010-07-16 307184]
"CPMonitor"="c:\program files (x86)\Roxio 2011\5.0\CPMonitor.exe" [2010-07-13 84464]
"Desktop Disc Tool"="c:\program files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe" [2010-06-30 477680]
"PWRISOVM.EXE"="c:\program files (x86)\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Updateservice (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12 135664]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-30 362992]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2010-07-16 354288]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-30 313840]
R3 RoxMediaDB13;RoxMediaDB13;c:\program files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2010-07-16 1099248]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 1223024]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-08-08 1255736]
R4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\Telenet Security Pack\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
R4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\Telenet Security Pack\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]
R4 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2010-08-12 257936]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys [2009-06-02 27120]
S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys [2009-06-02 19952]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-08-15 834544]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Telenet Security Pack\HIPS\drivers\fshs.sys [2009-08-05 57920]
S1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2010-12-17 45624]
S1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2010-12-17 94280]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys [2009-06-02 27632]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2009-06-02 457200]
S2 BOT4Service;BOT4Service;c:\program files (x86)\Roxio\BackOnTrack\App\BService.exe [2010-07-14 32240]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [2009-11-06 93696]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [2009-09-15 75776]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-02-19 386416]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2010-11-30 194728]
S3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe [2010-12-20 63992]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2009-10-27 151040]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-12-20 24152]
S3 NETw5s64;Intel(R) Wireless WiFi Link adapter stuurprogramma onder Windows 7 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-09-07 155752]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2009-08-19 11392]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-07-31 393216]

.
Inhoud van de 'Gedeelde Taken' map

2011-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12 13:00]

2011-02-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-12 13:00]
.

--------- x86-64 -----------


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-10-13 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-09 10060320]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-08-08 171520]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=eu01
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Pagina verzenden naar &Bluetooth-apparaat... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: c:\program files (x86)\Telenet Security Pack\FSPS\program\FSLSP.DLL
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
.
- - - - ORPHANS VERWIJDERD - - - -

Notify-VESWinlogon - VESWinlogon.dll
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-Apoint - %ProgramFiles%\Apoint\Apoint.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\""
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10l.ocx, 1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\FSGK32.EXE
c:\program files (x86)\Telenet Security Pack\Common\FSMA32.EXE
c:\program files (x86)\Telenet Security Pack\Common\FSHDLL32.EXE
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files\Sony\VAIO Care\VCSpt.exe
c:\program files (x86)\SONY\VAIO Event Service\VESMgr.exe
c:\program files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\fssm32.exe
c:\program files (x86)\Telenet Security Pack\Anti-Virus\fsav32.exe
c:\program files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
.
**************************************************************************
.
Voltooingstijd: 2011-02-14 18:21:32 - machine werd herstart
ComboFix-quarantined-files.txt 2011-02-14 17:21

Pre-Run: 158.068.301.824 bytes beschikbaar
Post-Run: 157.855.473.664 bytes beschikbaar

- - End Of File - - 36940BF6F18C8A0F628F4844DEEAEBF4


Omhoog
 Profiel  
 
BerichtGeplaatst: di feb 15, 2011 10:25 am 
Offline
Helper
Avatar gebruiker

Geregistreerd: wo aug 05, 2009 1:51 pm
Berichten: 3534
Besturingssysteem: Windows 7
Bescherming: .
Hoi,

Ondervind je nog problemen?

Woudje100

_________________
AfbeeldingAvira AntiVir zonder reclame

Goed geholpen ? Overweeg dan een vrijblijvende donatie.. Bedankjes i.p.v. Donatie kan ook. :)


Omhoog
 Profiel  
 
BerichtGeplaatst: di feb 15, 2011 6:48 pm 
Offline
Lid

Geregistreerd: za feb 12, 2011 2:17 pm
Berichten: 10
Besturingssysteem: windows 7
Bescherming: telenet security pack
windows verkenner wil niet werken als ik een cd in legt.


Omhoog
 Profiel  
 
BerichtGeplaatst: wo feb 16, 2011 9:48 pm 
Offline
Helper
Avatar gebruiker

Geregistreerd: wo aug 05, 2009 1:51 pm
Berichten: 3534
Besturingssysteem: Windows 7
Bescherming: .
Bedoel je dat als je een cd in de cd-rom speler doet, dat de cd-rom niet automatische opstart?

Woudje100

_________________
AfbeeldingAvira AntiVir zonder reclame

Goed geholpen ? Overweeg dan een vrijblijvende donatie.. Bedankjes i.p.v. Donatie kan ook. :)


Omhoog
 Profiel  
 
BerichtGeplaatst: wo feb 16, 2011 11:20 pm 
Offline
Lid

Geregistreerd: za feb 12, 2011 2:17 pm
Berichten: 10
Besturingssysteem: windows 7
Bescherming: telenet security pack
hij start niet automatisch maar dat is niet erg maar als ik dan naar deze computer ga dan loopt deze vast


Omhoog
 Profiel  
 
BerichtGeplaatst: vr feb 18, 2011 7:57 pm 
Offline
Lid

Geregistreerd: za feb 12, 2011 2:17 pm
Berichten: 10
Besturingssysteem: windows 7
Bescherming: telenet security pack
Heb mijn cd speler verwijderd en terug geinstaleerd maar probleem blijft.
Ik heb de cd van ubuntu erin gestoken en mijn laptop laten opstarten en als werkte.
Ik weet geen raad meer.


Omhoog
 Profiel  
 
BerichtGeplaatst: za feb 19, 2011 8:04 pm 
Offline
Helper
Avatar gebruiker

Geregistreerd: wo aug 05, 2009 1:51 pm
Berichten: 3534
Besturingssysteem: Windows 7
Bescherming: .
Hoi,

Download DDS van sUBS van één van deze locaties en plaats het op je bureaublad:
DDS - Bleeping Computer download.
DDS - Bleeping Computer download.
DDS - Infospyware.


Afbeelding

DDS is een diagnosetool en maakt gebruik van scripts.

Schakel je beveiligings software uit voordat je DDS uitvoert!

Dubbelklik op DDS om de tool te starten.

DDS zal 2 logfiles openen:
* DDS.txt
* Attach.txt


Een scherm vraagt je om beide logjes op te slaan omdat de logjes weg zullen zijn als je ze sluit.
Sla de logjes op bijvoorbeeld op je bureaublad of een andere plaats waar je ze makkelijk terug vind.

Post het DDS.txt logje met je volgende antwoord. De Attach.txt post je alleen wanneer ik hier om vraag.

Woudje100

_________________
AfbeeldingAvira AntiVir zonder reclame

Goed geholpen ? Overweeg dan een vrijblijvende donatie.. Bedankjes i.p.v. Donatie kan ook. :)


Omhoog
 Profiel  
 
BerichtGeplaatst: zo feb 20, 2011 10:41 am 
Offline
Lid

Geregistreerd: za feb 12, 2011 2:17 pm
Berichten: 10
Besturingssysteem: windows 7
Bescherming: telenet security pack
DDS (Ver_10-12-12.02) - NTFS_AMD64
Run by danny at 9:36:41,49 on zo 20/02/2011
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.32.1043.18.4014.2380 [GMT 1:00]

AV: Telenet Security Pack 9.01 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Telenet Security Pack 9.01 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Telenet Security Pack 9.01 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\FSGK32.EXE
C:\Program Files (x86)\Telenet Security Pack\Common\FSMA32.EXE
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Care\VCSpt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\WindowsMobile\wmdcBase.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe
C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fssm32.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Sony\VAIO Care\VCsystray.exe
C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Telenet Security Pack\Common\FSLAUNCH.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\danny\Desktop\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=eu01
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - C:\Program Files (x86)\Telenet Security Pack\NRS\iescript\baselitmus.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
mRun: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [F-Secure Manager] "C:\Program Files (x86)\Telenet Security Pack\Common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "C:\Program Files (x86)\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
mRun: [CPMonitor] "C:\Program Files (x86)\Roxio 2011\5.0\CPMonitor.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2011\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
IE: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
LSP: C:\Program Files (x86)\Telenet Security Pack\FSPS\program\FSLSP.DLL
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resourc ... oscan8.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: VESWinlogon - VESWinlogon.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
mRun-x64: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
mRun-x64: [Apoint] %ProgramFiles%\Apoint\Apoint.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
mRun-x64: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
mRun-x64: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdcBase.exe
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-8-8 55856]
R0 Sahdad64;HDD Filter Driver;C:\Windows\System32\drivers\Sahdad64.sys [2010-12-21 27120]
R0 Saibad64;Volume Filter Driver;C:\Windows\System32\drivers\Saibad64.sys [2010-12-21 19952]
R1 F-Secure HIPS;F-Secure HIPS Driver;C:\Program Files (x86)\Telenet Security Pack\HIPS\drivers\fshs.sys [2010-8-10 57920]
R1 FSES;F-Secure Email Scanning Driver;C:\Windows\System32\drivers\fses.sys [2010-8-10 45624]
R1 FSFW;F-Secure Firewall Driver;C:\Windows\System32\drivers\fsdfw.sys [2010-8-10 94280]
R1 fsvista;F-Secure Vista Support Driver;C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsvista.sys [2010-8-10 14904]
R1 SaibVdAd64;Virtual Disk Driver;C:\Windows\System32\drivers\SaibVdAd64.sys [2010-12-21 27632]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2009-6-2 457200]
R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2010-7-14 32240]
R2 F-Secure Gatekeeper Handler Starter;FSGKHS;C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\fsgk32st.exe [2010-8-10 215648]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-2-12 363344]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2010-8-8 14112]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2009-11-23 93696]
R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2009-11-23 75776]
R2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-8-8 104960]
R2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-9-14 642416]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-2-19 529776]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-2-19 386416]
R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-9-15 845312]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2010-8-8 19968]
R3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2009-11-23 52264]
R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2009-11-23 35104]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\minifilter\fsgk.sys [2010-8-10 194728]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-11-23 151040]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-2-12 24152]
R3 NETw5s64;Intel(R) Wireless WiFi Link adapter stuurprogramma onder Windows 7 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-11-12 155752]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2009-11-23 11392]
R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-8-8 571248]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2010-8-8 1223024]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\System32\drivers\vwifimp.sys [2009-7-14 17920]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-11-23 393216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Updateservice (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-12 135664]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe [2010-7-16 354288]
S3 F-Secure BlackLight Sensor;F-Secure BlackLight Sensor;C:\Windows\temp\F-Secure\Anti-Virus\fsblsrv.exe [2011-2-18 167936]
S3 FSORSPClient;F-Secure ORSP Client;C:\Program Files (x86)\Telenet Security Pack\ORSP Client\fsorsp.exe [2010-8-10 63992]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-24 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840]
S3 RoxMediaDB13;RoxMediaDB13;C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe [2010-7-16 1099248]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-2-19 115568]
S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-8-8 1255736]
S4 F-Secure Filter;F-Secure File System Filter;C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\win2k\fsfilter.sys [2010-8-10 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files (x86)\Telenet Security Pack\Anti-Virus\win2k\fsrec.sys [2010-8-10 25184]
S4 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-9-29 257936]

=============== Created Last 30 ================

2011-02-18 06:08:02 7844688 ----a-w- C:\PROGRA~3\Microsoft\Windows Defender\Definition Updates\{9EBBC800-3DD6-4F06-95FA-6D65373E8252}\mpengine.dll
2011-02-14 18:23:16 -------- d-----w- C:\Users\danny\AppData\Local\Activision
2011-02-14 18:13:38 -------- d-sh--w- C:\$RECYCLE.BIN
2011-02-14 17:03:07 -------- d-----w- C:\ComboFix
2011-02-13 20:00:00 -------- d-----w- C:\Users\danny\AppData\Local\Apple
2011-02-13 00:45:45 -------- d-----w- C:\Users\danny\AppData\Local\Adobe
2011-02-12 12:09:04 388096 ----a-r- C:\Users\danny\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-02-12 12:09:04 -------- d-----w- C:\Program Files (x86)\dan hijack
2011-02-12 10:45:25 98816 ----a-w- C:\Windows\sed.exe
2011-02-12 10:45:25 89088 ----a-w- C:\Windows\MBR.exe
2011-02-12 10:45:25 256512 ----a-w- C:\Windows\PEV.exe
2011-02-12 10:45:25 161792 ----a-w- C:\Windows\SWREG.exe
2011-02-12 08:34:13 -------- d-----w- C:\Users\danny\AppData\Roaming\Malwarebytes
2011-02-12 08:34:00 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-02-12 08:33:58 -------- d-----w- C:\PROGRA~3\Malwarebytes
2011-02-12 08:33:54 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-02-12 08:33:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-02-09 06:31:59 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-02-09 06:31:58 3957120 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-02-09 06:31:54 366080 ----a-w- C:\Windows\System32\atmfd.dll
2011-02-09 06:31:54 294400 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-02-09 06:31:53 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-02-09 06:31:53 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-01-30 15:25:31 -------- d-----w- C:\Users\danny\AppData\Local\Microsoft Games
2011-01-30 13:57:00 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-01-22 20:48:48 -------- d-----w- C:\Users\danny\AppData\Roaming\Ubisoft
2011-01-22 20:23:54 91568 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2011-01-22 20:23:54 -------- d-----w- C:\Program Files (x86)\PowerISO
2011-01-22 19:13:59 -------- d-----w- C:\Program Files (x86)\Elaborate Bytes

==================== Find3M ====================

2011-01-26 06:53:10 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2011-01-26 06:53:10 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2011-01-26 06:31:20 144384 ----a-w- C:\Windows\System32\cdd.dll
2011-01-05 06:20:30 612352 ----a-w- C:\Windows\System32\vbscript.dll
2011-01-05 05:37:33 428032 ----a-w- C:\Windows\SysWow64\vbscript.dll
2011-01-05 04:00:16 3127808 ----a-w- C:\Windows\System32\win32k.sys
2010-12-21 06:16:27 97280 ----a-w- C:\Windows\System32\wscsvc.dll
2010-12-21 06:16:27 62976 ----a-w- C:\Windows\System32\wscapi.dll
2010-12-21 06:16:16 214016 ----a-w- C:\Windows\System32\winsrv.dll
2010-12-21 06:16:14 442880 ----a-w- C:\Windows\System32\winhttp.dll
2010-12-21 06:16:14 1197056 ----a-w- C:\Windows\System32\wininet.dll
2010-12-21 06:16:09 258048 ----a-w- C:\Windows\System32\WebClnt.dll
2010-12-21 06:15:55 264192 ----a-w- C:\Windows\System32\upnp.dll
2010-12-21 06:15:31 15360 ----a-w- C:\Windows\System32\slwga.dll
2010-12-21 06:13:03 2003968 ----a-w- C:\Windows\System32\msxml6.dll
2010-12-21 06:13:03 1880576 ----a-w- C:\Windows\System32\msxml3.dll
2010-12-21 06:10:22 100864 ----a-w- C:\Windows\System32\davclnt.dll
2010-12-21 05:38:24 51200 ----a-w- C:\Windows\SysWow64\wscapi.dll
2010-12-21 05:38:22 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-12-21 05:38:22 350720 ----a-w- C:\Windows\SysWow64\winhttp.dll
2010-12-21 05:38:21 204800 ----a-w- C:\Windows\SysWow64\WebClnt.dll
2010-12-21 05:38:19 204288 ----a-w- C:\Windows\SysWow64\upnp.dll
2010-12-21 05:38:16 14336 ----a-w- C:\Windows\SysWow64\slwga.dll
2010-12-21 05:36:17 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll
2010-12-21 05:36:16 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2010-12-21 05:34:12 80384 ----a-w- C:\Windows\SysWow64\davclnt.dll
2010-12-18 06:11:41 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-12-18 06:11:34 714752 ----a-w- C:\Windows\System32\kerberos.dll
2010-12-18 05:29:40 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-12-18 05:29:31 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll
2010-12-18 04:55:03 482816 ----a-w- C:\Windows\System32\html.iec
2010-12-18 04:20:55 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-12-18 04:13:40 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-12-18 03:47:59 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-12-17 06:47:11 94280 ----a-w- C:\Windows\System32\drivers\fsdfw.sys
2010-12-17 06:46:32 45624 ----a-w- C:\Windows\System32\drivers\fses.sys

============= FINISH: 9:37:40,66 ===============


Omhoog
 Profiel  
 
BerichtGeplaatst: zo feb 20, 2011 12:23 pm 
Offline
Helper
Avatar gebruiker

Geregistreerd: wo aug 05, 2009 1:51 pm
Berichten: 3534
Besturingssysteem: Windows 7
Bescherming: .
Hoi,

Ga naar start --> uitvoeren.
Typ daar notepad en druk op enter
Kopieer onderstaande (code) in dit kladblokbestand.
Code:
REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{32099AAC-C132-4136-9E9A-4E364A424E17}"=-

Klik op Bestand > Opslaan als.
Bij "Opslaan in" kies je: Bureaublad
Bij "Bestandsnaam" zet je: Fix.reg
Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
Klik op de knop Opslaan.

Dubbelklik op "Fix.reg" en sta toe dat de wijzigingen in het register worden toegepast.

Download Dr.Web CureIt en sla het op je bureaublad op.

  • Dubbelklik drweb-cureit.exe en sta het toe om te express scan te starten.
  • Indien er een popup verschijnt met het voorstel tot kopen/50% korting mag je deze sluiten.
  • De express scan zal de bestanden scannen die momenteel in het geheugen geladen zijn. Wanneer er iets gevonden wordt klik op 'alles selecteren' kies nu voor 'repareren' en uit het kleine menutje dat verschijnt kies je 'verplaatsen'.
  • Kies bovenaan in het menu voor Language/Taal en wijzig deze naar Dutch (Nederlands) indien deze bij jou anders staat ingesteld.
  • Druk op F9, kies daarna voor het tabblad Acties en stel daar het volgende in onder Malware:
    • Adware: Verplaats
    • Dialers: Verplaats
    • Jokes: Rapportage
    • Riskware: Rapportage
    • Hacktools: Verplaats
    • Haal dan het vinkje weg bij 'Prompt bij actie'.
  • Kies daarna voor het tabblad Scan en verwijder het vinkje bij Heuristische analyse.
  • Druk vervolgens op Toepassen gevolgd door OK.
  • Eenmaal als de korte scan is beëindigd vink je aan: Volledige scan.
  • Druk daarna op het groene pijltje (start knop) om de scan te starten.
  • Gevonden bestanden worden naar '%USERPROFILE%\DocterWeb\Quarantine' -map verplaatst indien het herstellen niet mogelijk is.
  • Nadat de scan gedaan is ga dan naar Bestand en kies Rapportage lijst opslaan.
  • Bewaar deze op je bureaublad en sluit daarna Dr.Web CureIt.
  • Herstart vervolgens de computer!! Dit is een belangrijke stap want het kan zijn dat Dr.Web CureIt bestanden zal verplaatsen/verwijderen tijdens herstart.
  • Na het herstarten, kopieer en plak de inhoud van die log die je eerder hebt bewaard in je volgende post.

Woudje100

_________________
AfbeeldingAvira AntiVir zonder reclame

Goed geholpen ? Overweeg dan een vrijblijvende donatie.. Bedankjes i.p.v. Donatie kan ook. :)


Omhoog
 Profiel  
 
Geef de vorige berichten weer:  Sorteer op  
Dit onderwerp is gesloten, je kunt geen berichten wijzigen of nieuwe antwoorden plaatsen  [ 20 berichten ]  Ga naar pagina 1, 2  Volgende

Forumoverzicht » RSIT/DDS/HijackThis logfiles » Opgeloste RSIT/DDS/HijackThis logfiles


Wie is er online

Gebruikers op dit forum: Bing [Bot] en 0 gasten


Je mag geen nieuwe onderwerpen in dit forum plaatsen
Je mag niet antwoorden op een onderwerp in dit forum
Je mag je berichten in dit forum niet wijzigen
Je mag je berichten niet uit dit forum verwijderen
Je mag geen bijlagen toevoegen in dit forum

Ga naar:  
Powered by phpBB® Forum Software © phpBB Group
phpBB.nl Vertaling